index
Join our affiliate program and earn commission selling hoasties! Join now!
Get 10% off your first order! Shop Now
Welcome to Hoasties Coffee!

Privacy policy

Thank you for your interest in this Privacy Policy and welcome to Hoasties Coffee and our website and shop located at www.hoastiescoffee.com (our “website”). At Hoasties Coffee, we are committed to protecting and respecting your privacy. This privacy policy sets out the basis on which we will process any Personal Data that we may collect about you as a visitor to our website. This policy further sets out how we protect your privacy and your rights in respect of our use of your Personal Data.

WHAT IS PERSONAL DATA?

Personal Data is information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, e-mail address, but also your IP address.

Anonymous data exists if no personal reference to the user can be made.

WHAT IS PROCESSING?

"Processing" means and covers virtually any handling of data.

WHAT LAW APPLIES?

We will only use your Personal Data in accordance with the Texas Data Privacy and Security Act (“TDPSA”) and the EU's General Data Protection Regulation (“GDPR”), and of course only as described in this Privacy Policy.

WHO IS RESPONSIBLE FOR DATA PROCESSING?

The responsible party within the meaning of the above is Hoasties Coffee LLC of 120 Sanctuary Rd, Huntsville, Texas, USA (“Hoasties Coffee”, “we”, “us”, “our”). If you want to contact us or if you have any questions, you can reach us by email using info@hoastiescoffee.com with "Data Protection" in the subject line.

WHAT ARE THE LEGAL BASES FOR PROCESSING PERSONAL DATA

We have to have at least one of the following legal bases to process your Personal Data:

  • you have given your consent;

  • the data is necessary for the fulfillment of a contract/pre-contractual measures;

  • the data is necessary for the fulfillment of a legal obligation; or

  • the data is necessary to protect our legitimate interests, provided that your interests are not overridden.

WHAT PERSONAL DATA DO WE COLLECT FROM YOU?

We may collect and process the following Personal Data about you:

a) Personal Data that you give us: Information you give us by filling in forms on our website or corresponding with us by telephone, post, email, or otherwise. It may include your name, address, email address, telephone number; information about your business relationship with us; and your requirements and interests.

We process your first name, last name, e-mail address, billing address, and shipping address for the delivery of your order and the data related to your contract with us to handle the contractual relationship. The legal basis for processing is the provision of a contractual service. When you place an order and you give us Personal Data of a third party, you represent and warrant that the Personal Data is up-to-date, complete, and accurate.

It is possible for you to register for an account. You can choose a password and email address to log in more easily without re-entering your data. We will hold your data for further orders as long as you have your account with us.

If you make a purchase, your payment data will be processed via our payment service provider, Shop Pay (Shopify). Payment data will solely be processed through Shop Pay, and we have no access to any Payment Data. The legal basis is the establishment and implementation of the contract.

We use Klaviyo to analyze user behavior for advertising and market research purposes. Klaviyo can link your behavior on our website with your data if you have registered for our newsletter or email marketing, created an account, or completed an order. The legal bases are service provision and your consent.

We use your data (name and email address) for marketing purposes, like promotions and offers by email, and also reserve the right to use your name and postal address for advertising by post. This protects our legitimate interests.

If you register for our newsletter, we use your email address based on your consent. Unsubscribing is possible at any time via the unsubscribe link. After unsubscribing, we will delete your email address unless further use is consented. The processing bases are your consent and our legitimate interest.

We process data in administrative tasks, business organization, and compliance with legal obligations, such as archiving and accounting. The processing bases are legal obligations and legitimate interest.

b) Personal Data that our website and other systems collect about you: If you visit our website, it automatically collects information like your IP address and visited pages. This monitors performance and improves visitor experience.

The hosting service Shopify processes data including inventory, contact, content, contract, usage, meta, and communication data based on legitimate interests.

We use Shopify’s CMS and eCommerce system to publish and maintain content and forms data. The legal basis is legitimate interest.

We use cookies on our website. Consent is required for non-essential cookies under the TDPSA and PECD. See our Cookie Policy for more details.

c) Other information: We analyze web and server traffic, interactions, browsing behavior, etc., for business reasons. Aggregated Data could be derived from Personal Data but is not legally Personal Data unless it can identify you. We use Google Analytics and Shopify Analytics for this, based on legitimate interest and your consent.

OTHER USES OF YOUR PERSONAL DATA?

We may use your Personal Data to:

  • operate, manage, develop, and promote our business and relationship with you;

  • marketing purposes;

  • accounting and billing;

  • administer and improve our website;

  • offer products and services;

  • provide requested services or information;

  • protect against fraud and crimes;

  • comply with legal obligations, bring/defend claims, and assert rights.

CHANGE OF PURPOSE

We will only use your Personal Data for collected purposes unless another reason compatible with the original purpose arises. If not, we will notify you and explain the new legal basis.

DATA SHARING

Internal:
We transfer your Personal Data within Hoasties Coffee only to authorized employees.

External bodies:
Personal Data may be transferred to service providers:

  • for contract fulfillment;

  • marketing services;

  • communication;

  • website provision;

  • state authorities when required.

International transfers:
We protect your Personal Data through contractual arrangements and technical and organizational measures.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We delete Personal Data when no longer needed unless legal or regulatory requirements dictate retention for specified or longer periods.

DATA SECURITY

Our website uses SSL/TLS encryption and numerous technical and organizational measures to protect Personal Data.

MARKETING

With your consent, we may contact you for marketing purposes via communication channels you provided. Every marketing communication will have an opt-out option.

ADVERTISING

We use third-party tools and cookies to show relevant advertising based on your activity. Data may include HTTP header info, pixel data, and additional website interactions. The legal bases are legitimate interest and your consent. See our Cookie Policy for more information.

YOUR RIGHTS AND PRIVILEGES

You can exercise:

  • Right to access;

  • Right to rectification;

  • Right to erasure;

  • Right to restrict processing;

  • Right to object to processing;

  • Right to data portability.

To update information or withdraw consent, contact us.

For access requests, we aim to respond within 30 days.

Complaint to a supervisory authority

You have the right to lodge a complaint with your state's Attorney General's Office but we would appreciate the chance to address your concerns first.

What we do not do

  • We do not request data from minors.

  • We do not process special category data without consent.

  • We do not use automated decision-making/profiling.

  • We do not sell your Personal Data.

USA SPECIFIC PROVISIONS

We apply the most stringent privacy rules from states like California, Colorado, etc., to all users.

"Shine the Light"
California users can request information about data disclosures.

COPPA
We do not market to children under 13.

CAN SPAM Act
You can unsubscribe from emails at any time.

TCPA
You may opt-out of SMS marketing by replying ‘STOP.’

Do-Not-Track Features
Our website currently does not respond to DNT browser signals.

CANADA AND MEXICO SPECIFIC PROVISIONS

We align with GDPR-like laws in Mexico (LFPDPPP) and Canada (PIPEDA).
National authorities:

HELP AND COMPLAINTS

Contact us at info@hoastiescoffee.com with "Data Protection" in the subject line for any questions or complaints.

CHANGES

The first version of this policy was issued on Friday, December 13th, 2024, and is the current version. Prior versions are invalid. We will revise the effective date if we make changes.